git ssb

2+

cel / ssb-web-server



Commit 51c2321a08e18390c1362180ce1df2d369bf93a6

Update README.md

Paul Frazee committed on 3/12/2016, 9:33:18 PM
Parent: bf976e2bb9866a8d072ad0dc56969e9070a87e71

Files changed

README.mdchanged
README.mdView
@@ -9,18 +9,21 @@
99 ## Usage
1010
1111 To open a blob, go to `localhost:7778/{hash-id}`.
1212
13-If you want to develop an HTML page, place it (and its assets) in `~/ssb/web`. You can then open it at `localhost:7778/path/to/file`, which will map to `~/ssb/web/path/to/file`.
13 +If you want to develop an HTML page, place it (and its assets) in `~/ssb/web`.
14 +You can then open it at `localhost:7778/path/to/file`, which will map to `~/ssb/web/path/to/file`.
1415
15-If you want to publish an HTML page to the network, use [html-inline](https://www.npmjs.com/package/html-inline) to pack any linked assets into a single HTML blob, then commit with `sbot blobs.add`. Afterwards, you can reference the hash in an SSB message to distribute it across the network.
16 +If you want to publish an HTML page to the network, use [html-inline](https://www.npmjs.com/package/html-inline) to pack any linked assets into a single HTML blob, then commit with `sbot blobs.add`.
1617
18 +Afterwards, you can reference the hash in an SSB message to distribute it across the network.
19 +
20 +[Example Application](https://github.com/pfraze/ssb-web-server-demo-app)
21 +
1722 ## SSB API
1823
1924 Pages have `window.ssb` injected by the server, so they can read and write to the network.
2025
21-Userland pages are given a subset of read functions, and a modified `publish` function which opens a permission prompt.
22-
2326 ## Setup
2427
2528 Use as a scuttlebot plugin:
2629
@@ -39,4 +42,21 @@
3942
4043 ## Details
4144
4245 This creates two servers, at `:7777` and `:7778`. The `:7777` serves the "trusted" application (Patchwork) while `:7778` serves "userland," which is files in the blob store and at `~/.ssb/www`.
46 +
47 +### Frontend Sandbox
48 +
49 +The Userland pages are hosted with Content Security Policies which keep them from accessing the internet. Instead, they interact with the local server to access the `ssb` API and other blobs.
50 +
51 +Userland pages are only given a subset of read functions, and a modified `publish` function which opens a permission prompt.
52 +
53 +### Objectives
54 +
55 + 1. Secure primitives for distributing and running applications offline.
56 + 2. APIs for building single-page applications.
57 +
58 +Scuttlebot will provide the backend, with APIs to read/write data and files, watch realtime updates, and more.
59 +This will leave you free to focus on the frontend.
60 +
61 +For users, the environment should provide a nice privacy upgrade (offline, e2e encryption) and give them freedom to clone & modify their apps.
62 +Since the data and code is stored locally, there's no more "gatekeeping" to stop users from changing their applications.

Built with git-ssb-web